Lucene search

[email protected]NVD:CVE-2015-0513

HistoryJan 21, 2015 - 3:17 p.m.

CVE-2015-0513

2015-01-2115:17:11

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

34.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging privileged access to set crafted values of unspecified fields.

Affected configurations

Nvd

Node

emcwatch4netRange≤6.5

Node

emcvipr_srmRange≤3.6.0

VendorProductVersionCPE
emcwatch4net*cpe:2.3:a:emc:watch4net:*:*:*:*:*:*:*:*
emcvipr_srm*cpe:2.3:a:emc:vipr_srm:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
emc	watch4net	*	cpe:2.3:a:emc:watch4net::::::::
emc	vipr_srm	*	cpe:2.3:a:emc:vipr_srm::::::::

References

archives.neohapsis.com/archives/bugtraq/2015-01/0092.html

www.securityfocus.com/bid/72259

www.securitytracker.com/id/1031567

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

34.7%

JSON

Related for NVD:CVE-2015-0513

prion1 zdt3 packetstorm3 cvelist1 cve1 securityvulns5 openvas1